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DETAILED ACTION 

1 . This action is issued in response to the Amendment filed on 1 0/08/2008. 

2. No claims were amended. No claims were canceled. No claims were added. 

3. This action is made Final. 

4. Claims 1 -18 are pending in this application. 

5. Applicant's arguments filed on 10/08/2008 have been fully considered but they 
are not persuasive. 



Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under section 1 22(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

7. Claims 1 - 18 are rejected under 35 U.S.C. 102(b) as being anticipated by Coss 
et al. (Coss hereinafter) US Patent No. 6,170,012 B1. 



Regarding Claim 1, Coss discloses a data processing device, including 
computer-executable instructions stored on a computer-readable medium, installed in a 
data processing server, said device comprising: 
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a first table storing sets of at least one primary rule, called "primary metarules", in 
a parameterizable form and in corresponding relationship to primary identifiers and (Fig. 
Fig. 3, Col. 2 and 4, lines 37 - 41 and 1 - 6; Coss discloses dynamic rules which 
values, such as, host, can be modified; which corresponds to a parameterizable form as 
claimed; respectively, Coss); and 

management means which is coupled to control means of said data processing 
server and, on receipt of auxiliary data representing operating parameters delivered by 
said control means after reception by the data processing server of secondary data 
(Col. 5, lines 35 - 41 , Coss), selects at least one of the primary identifiers in the first 
table (Col. 5, lines 43 - 46, Coss) and associates said auxiliary data therewith so as to 
define said dedicated processes of said control means (Col. 4 and 5, lines 3-6 and 35 
- 40; respectively, Coss); 

wherein said control means applies said defined dedicated processes to process 
primary data received by said data processing server, said data processing server 
transmitting said primary data based on said processing (Col. 5, lines 43-46, Coss); 
and 

wherein said at least one primary metarule is specified according to a string of 
characters containing a place-holder for each parameter of said primary metarule that is 
not statically defined (Col. 4, lines 15 - 21 , "When a category provided for in the rule 
table is irrelevant in a certain rule, the corresponding table entry can be marked as a 
'wild card.' This can apply to any one or any combination of categories. In Fig. 3, and 
elsewhere, an asterisk (*) is used for wild card entries. 'FTP' stands for 'file transfer 
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protocol'," Coss; also note that as well known in the art, "wild card" is defined as: A 
symbol that can represent one or any group of other characters. The term is used 
particularly of disk filenames, but it is also used in specifying database searches. A 
common wild-card character is the asterisk (*). For example, the disk command 
DELETE L* would cause deletion of files LONG, LAME, LIMB, L1 23, or any other file 
whose name starts with the letter L. The ? character is often used as a single wild card, 
meaning that it can be substituted for any single character; (Collings Dcitionary of 
Computing, Ian R. Sinclair, 2000). The examiner interprets the wild card "*" as the 
string of characters containing a place holder for each parameter.. .that is not statically 
defined, since the wild card "*" represents the character/s and places/positions of a 
dynamic/changing/non-static rule). 

Regarding Claim 2, Coss discloses a device, further comprising a second table 
accessible to said management means in which are stored secondary identifiers each in 
corresponding relationship to at least one selected primary identifier associated with 
auxiliary data (Fig. 3 and 4, Col. 5, lines 51 - 57; wherein the rule no. in table of Fig. 4 
corresponds to rule no. in table of Fig. 5, Coss). 

Regarding Claim 3, Coss discloses a device, wherein said management means, 
on receipt of said auxiliary data, determine whether the at least one selected primary 
identifiers corresponding to the type of said auxiliary data is present in the secondary 
table (Fig. 4, Col. 5, lines 43 - 47 and 51 - 53, Coss), and associate the at least one 
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selected primary identifier with new auxiliary data so as to adapt said dedicated 
processes (Col. 5, lines 53 - 59, Coss). 

Regarding Claim 4, Coss discloses a device, wherein certain selected primary 
metarules in the second table are grouped into secondary metarules represented by 
secondary identifiers (Col. 5, lines 1 - 7, Coss). 

Regarding Claim 5, Coss discloses a device, wherein said management means 
comprise a multiplicity of management submodules each of which manage the 
association of auxiliary data with at least one primary or secondary metarule (Col. 4 and 
5, lines 3-6 and 35 - 40; respectively, Coss) and on receipt of said auxiliary data, to 
determine which of said management submodules corresponds thereto (Col. 5, lines 43 
-46, Coss). 

Regarding Claim 6, Coss discloses a device, wherein that said management 
means are adapted, on receipt of said auxiliary data communicated by the server, to 
add, delete or modify primary or secondary metarules or auxiliary data in the second 
table associated with said primary or secondary metarules (Col.8, lines 34 - 36 and 41 
- 44, Coss). 
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Regarding Claim 7, Coss discloses a device, wherein that said management 
means and said tables are part of a metafirewall which manages a firewall equipping 
said server (Col. 1 and 2, lines 63 - 67 and 1 - 3; respectively, Coss). 

Regarding Claim 8, Coss discloses a firewall comprising a device (Col. 1 and 2, 
lines 63 - 67 and 1 - 3; respectively, Coss). 

Regarding Claim 9, Coss discloses a data processing method, comprising: 
storing in a first table sets of at least one primary rule, called "primary metarules", 

in a parameterizable form and in corresponding relationship to primary identifiers (Fig. 

3, Col. 2 and 4, lines 37 - 41 and 1 - 6; Coss discloses dynamic rules which values, 

such as, host, can be modified; which corresponds to a parameterizable form as 

claimed; respectively, Coss); 

on receipt of auxiliary data representing operating parameters delivered by the 

server after the receipt of secondary data (Col. 5, lines 35 - 41 , Coss), selecting at least 

one of the primary identifiers in the first table (Col. 5, lines 43 - 46, Coss); 

associating said auxiliary data with said selected primary identifier so as to 

define said dedicated processes of said control means (Col. 4 and 5, lines 3-6 and 35 

- 40; respectively, Coss); and 

applying said dedicated processes based on primary rules toprocess primary 
data received by said data processing server, and transmitted by said data processing 
server based on said processing (Col. 5, lines 43 - 46, Coss); and 
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wherein said at least one primary metarule is specified according to a string of 
characters containing a place-holder for each parameter of said primary metarule that is 
not statically defined (Col. 4, lines 15 - 21 , "When a category provided for in the rule 
table is irrelevant in a certain rule, the corresponding table entry can be marked as a 
'wild card.' This can apply to any one or any combination of categories. In Fig. 3, and 
elsewhere, an asterisk (*) is used for wild card entries. 'FTP' stands for 'file transfer 
protocol'," Coss; also note that as well known in the art, "wild card" is defined as: A 
symbol that can represent one or any group of other characters. The term is used 
particularly of disk filenames, but it is also used in specifying database searches. A 
common wild-card character is the asterisk (*). For example, the disk command 
DELETE L* would cause deletion of files LONG, LAME, LIMB, L1 23, or any other file 
whose name starts with the letter L. The ? character is often used as a single wild card, 
meaning that it can be substituted for any single character; (Collings Dcitionary of 
Computing, Ian R. Sinclair, 2000). The examiner interprets the wild card "*" as the 
string of characters containing a place holder for each parameter.. .that is not statically 
defined, since the wild card "*" represents the character/s and places/positions of a 
dynamic/changing/non-static rule). 

Regarding Claim 10, Coss discloses a method, characterized in that, wherein 
during the preliminary step, secondary identifiers each in corresponding relationship to 
at least one selected primary identifier associated with auxiliary data are stored in a 
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second table (Fig. 3 and 4, Col. 5, lines 51 - 57; wherein the rule no. in table of Fig. 4 
corresponds to rule no. in table of Fig. 5, Coss). 

Regarding Claim 11, Coss discloses a method, wherein on receipt of the auxiliary 
data, it is determined whether the at least one selected primary identifiers that 
corresponds to the type of auxiliary data is present in the second table (Fig. 4, Col. 5, 
lines 43 - 47 and 51 - 53, Coss), and to associate the at least one selected primary 
identifier with new auxiliary data so as to adapt said dedicated processes (Col. 5, lines 
53 - 59, Coss). 

Regarding Claim 12, Coss discloses a method, wherein certain primary 
metarules in the second table are grouped into secondary metarules represented by 
secondary identifiers (Col. 5, lines 1 - 7, Coss). 

Regarding Claim 13, Coss discloses a method, wherein there are executed in 
parallel the selection of the primary or secondary metarules in the first table (Col. 5, 
lines 43 - 46, Coss) and the modification of the auxiliary data in the second table 
associated with the secondary identifier representing the selected primary or secondary 
metarules (Col.8, lines 34 - 36 and 41 - 44, Coss). 

Regarding Claim 14, Coss discloses a method, wherein, on receipt of 
complementary data communicated by said server, primary or secondary metarules are 
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added to, deleted from or modified in the second table (Col.8, lines 34 - 36 and 41 - 44, 
Coss). 



Regarding Claim 15, Coss discloses a network data processing device, 
comprising: 

a network data processing module (Col.3, lines 20 - 22, Coss); and 
a management module coupled to said network data processing module, said 
management module comprising a first memory containing a first table (Fig. 3, Col. 3 
and 4, lines 66 - 67 and 1 ; respectively, Coss), said first table containing primary 
identifiers associated with at least one parameterized rule (Col.4, lines 1 - 6, Coss) for 
providing direction to said network data processing module when one or more of said 
primary identifiers and said at least one parameterized rule are associated with at least 
one parameter value (Col.4, lines 1 - 6, "... designations of source and destination 
hosts, a designation of special service which can be called for in a packet..."; Coss 1 ); 

wherein said network data processing module, in response to receiving said 
direction, manages network data according to said direction (Col.4, lines 22 - 26, Coss); 
and 

wherein said at least one parameterized rule is specified according to a string of 
characters containing a place-holder for each parameter of said parameterized rule that 
is not statically defined (Col. 4, lines 15 - 21 , "When a category provided for in the rule 
table is irrelevant in a certain rule, the corresponding table entry can be marked as a 
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'wild card.' This can apply to any one or any combination of categories. In Fig. 3, and 
elsewhere, an asterisk (*) is used for wild card entries. 'FTP' stands for 'file transfer 
protocol'," Coss; also note that as well known in the art, "wild card" is defined as: A 
symbol that can represent one or any group of other characters. The term is used 
particularly of disk filenames, but it is also used in specifying database searches. A 
common wild-card character is the asterisk (*). For example, the disk command 
DELETE L* would cause deletion of files LONG, LAME, LIMB, L1 23, or any other file 
whose name starts with the letter L. The ? character is often used as a single wild card, 
meaning that it can be substituted for any single character; (Collings Dcitionary of 
Computing, Ian R. Sinclair, 2000). The examiner interprets the wild card "*" as the 
string of characters containing a place holder for each parameter... that is not statically 
defined, since the wild card "*" represents the character/s and places/positions of a 
dynamic/changing/non-static rule). 

Regarding Claim 16, Coss discloses a device, said management module further 
comprising a second memory containing a second table, said second table containing 
secondary identifiers associated with at least one of said primary identifiers and one or 
more respective parameter values (Fig. 3 and 4, Col. 5, lines 51 - 57; wherein the rule 
no. in table of Fig. 4 corresponds to rule no. in table of Fig. 5, Coss). 



1 Coss discloses dynamic rules which values, such as, host, can be modified; which corresponds to a 
parameterizable form as claimed (Col. 2, lines 37-41, Coss). 
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Regarding Claim 17, Coss discloses a method of processing network data, 
comprising: 

storing as entries in a first table, primary identifiers, each with one or more 
associated parameterized rules (Fig. 3, Col. 3 and 4, lines 66 - 67 and 1 ; respectively, 
Coss); 

receiving data comprising at least one parameter value (Col. 4, lines 8-11 and 
26 - 29, Coss); and 

making a determination whether said parameter value can be associated with an 
existing one of the entries in said first table (Col. 4, lines 22 - 29, Coss); 

when the determination is affirmative, making a combination of said parameter 
value and said associated parameterized rules, and communicating said combination to 
a network data processing module so as to direct the management of network data by 
said network data processing module (Col. 5, lines 35 - 48; wherein the step of caching 
the results of applying the rule set to a packet of a give network session corresponds to 
the step of making a combination of said parameter value and said associated 
parameterized rules as claimed, Coss); 

wherein each of said associated parameterized rules is specified according to a 
string of characters containing a place-holder for each parameter of said associated 
parameterized rule that is not statically defined (Col. 4, lines 15 - 21 , "When a category 
provided for in the rule table is irrelevant in a certain rule, the corresponding table entry 
can be marked as a 'wild card.' This can apply to any one or any combination of 
categories. In Fig. 3, and elsewhere, an asterisk (*) is used for wild card entries. 'FTP' 
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stands for 'file transfer protocol'," Coss; also note that as well known in the art, "wild 
card" is defined as: A symbol that can represent one or any group of other characters. 
The term is used particularly of disk filenames, but it is also used in specifying database 
searches. A common wild-card character is the asterisk (*). For example, the disk 
command DELETE L* would cause deletion of files LONG, LAME, LIMB, L123, or any 
other file whose name starts with the letter L. The ? character is often used as a single 
wild card, meaning that it can be substituted for any single character; (Collings 
Dcitionary of Computing, Ian R. Sinclair, 2000). The examiner interprets the wild card 
"*" as the string of characters containing a place holder for each parameter.. .that is not 
statically defined, since the wild card "*" represents the character/s and places/positions 
of a dynamic/changing/non-static rule). 

Regarding Claim 18, Coss discloses a method of processing network data, 
comprising: 

storing as entries in a first table, first primary identifiers, each with one or more 
associated parameterized rules (Fig. 3, Col. 3 and 4, lines 66 - 67 and 1 ; respectively, 
Coss); 

storing as entries in a second table, secondary identifiers, each with one or more 
associated second primary identifiers and one or more associated parameter values 
(Fig. 3 and 4, Col. 5, lines 51 - 57; wherein the rule no. in table of Fig. 4 corresponds to 
rule no. in table of Fig. 5, Coss); 
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receiving data comprising at least one new parameter value (Col. 6, lines 30 - 
34, Coss); 

determining at least one associable second primary identifier which said new 
parameter value can be associated with (Col. 6, lines 41 - 44, Coss); 

storing said new parameter value in association with said associable second 
primary identifier (Col. 6, 44 - 47, Coss); 

determining current associated parameter values and corresponding 
parameterized rules for each of said secondary identifiers (Col. 6, lines 50 - 53, Coss); 

making a combination said current associated parameter values and said 
corresponding parameterized rules for directing said network data processing module 
(Col. 6, lines 50 - 58, Coss); and 

communicating said combination to a network data processing module so as to 
direct the management of network data by said network data processing module (Col. 6, 
lines 50-58, Coss); 

wherein each of said associated parameterized rules is specified according to a 
string of characters containing a place-holder for each parameter of said parameterized 
rule that is not statically defined (Col. 4, lines 15 - 21 , "When a category provided for in 
the rule table is irrelevant in a certain rule, the corresponding table entry can be marked 
as a 'wild card.' This can apply to any one or any combination of categories. In Fig. 3, 
and elsewhere, an asterisk (*) is used for wild card entries. 'FTP' stands for 'file transfer 
protocol'," Coss; also note that as well known in the art, "wild card" is defined as: A 
symbol that can represent one or any group of other characters. The term is used 
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particularly of disk filenames, but it is also used in specifying database searches. A 
common wild-card character is the asterisk (*). For example, the disk command 
DELETE L* would cause deletion of files LONG, LAME, LIMB, L1 23, or any other file 
whose name starts with the letter L. The ? character is often used as a single wild card, 
meaning that it can be substituted for any single character; (Collings Dcitionary of 
Computing, Ian R. Sinclair, 2000). The examiner interprets the wild card "*" as the 
string of characters containing a place holder for each parameter.. .that is not statically 
defined, since the wild card "*" represents the character/s and places/positions of a 
dynamic/changing/non-static rule). 



Response to Arguments 

8. Applicant argues that the applied art fails to disclose; " management means 
which is coupled to control means of said data processing server and, on receipt of 
auxiliary data representing operating parameters delivered by said control means after 
reception by the data processing server of secondary data, selects at least one of the 
primary identifiers in the first table and associates said auxiliary data therewith so as to 
define said dedicated processes of said control means". 

Examiner respectfully disagrees. The applied art Coss does disclose: 
management means which is coupled to control means (see Col. 9, lines 30 - 35; Col. 
1 0, lines 6 - 7; and Col. 6, lines 1 - 5; wherein the firewall including "domain support 
engine (DSE)" corresponds to the management means claimed; and wherein the proxy 
corresponds to the control means claimed; Coss) of said data processing server and, on 
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receipt of auxiliary data representing operating parameters delivered by said control 
means after reception by the data processing server of secondary data (Col. 5, lines 35 
- 47; Col. 6, lines 29 - 28; "the session key is obtained from the IP header of the 
packet" , Coss), selects at least one of the primary identifiers in the first table (Col. 5, 
lines 43 - 46; Col. 6, lines 35-49, "if a match is found..."; lines 59 - 62, "cache look- 
up. ..rule set look-up..."; and Col. 7, lines 14-21, "domain table"; Coss) and associates 
said auxiliary data therewith so as to define said dedicated processes of said control 
means (Col. 4, lines 3-6; Col. 5, lines 35 - 40; and Col. 6, lines 63 - 67, "is a rule 
applies to the packet ...for insertion of one packet into another ("tunnel option"); Coss). 



Conclusion 

9. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 
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Points Of Contact 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to GIOVANNA COLAN whose telephone number is 
(571)272-2752. The examiner can normally be reached on 8:30 am - 5:00 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, John Breene can be reached on (571) 272-4107. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Giovanna Colan 
Examiner 
Art Unit 2162 
March 15, 2009 



/John Breene/ 

Supervisory Patent Examiner, Art Unit 2162 



